Create trivial sys_checkpoint and sys_restore system calls. They willenable to checkpoint and restart an entire container, to and from acheckpoint image file descriptor.

The syscalls take a file descriptor (for the image file) and flags asarguments. For sys_checkpoint the first argument identifies the targetcontainer; for sys_restart it will identify the checkpoint image.

A checkpoint, much like a process coredump, dumps the state of multipleprocesses at once, including the state of the container. The checkpointimage is written to (and read from) the file descriptor directly fromthe kernel. This way the data is generated and then pushed out naturallyas resources and tasks are scanned to save their state. This is theapproach taken by, e.g., Zap and OpenVZ.

By using a return value and not a file descriptor, we can distinguishbetween a return from checkpoint, a return from restart (in case of acheckpoint that includes self, i.e. a task checkpointing its owncontainer, or itself), and an error condition, in a manner analogousto a fork() call.

We don't use copyin()/copyout() because it requires holding the entireimage in user space, and does not make sense for restart. Also, wedon't use a pipe, pseudo-fs file and the like, because they work bygenerating data on demand as the user pulls it (unless the entireimage is buffered in the kernel) and would require more complex logic.They also would significantly complicate checkpoint that includes self.